Deployment Example 2: Federation Using SAML v2

10.1 Creating a Circle of Trust

A circle of trust groups Service Providers and Identity Providers that have agreed to federate with one another. When you create metadata for the Identity Provider, the Identity Provider entity is added to a circle of trust; other remote provider entities can be added to the same circle of trust later. Whenever a SAMLv2 protocol exchange is initiated, the SAMLv2 plug-in determines which circle of trust the requesting entity belongs to and which other providers are available to interact with it. Only entities within the same circle of trust can participate in the SAMLv2 protocols with each other, so membership in the circle is what establishes the trust relationship between a given provider pair.

Procedure: To Create a Circle of Trust

  1. As a root user, log into the Access Manager 1 host.

  2. Run the cotcreate command:

    # /opt/SUNWam/saml2/bin/saml2meta cotcreate -u amadmin \
      -w 4m4dmin1 -r /users -t saml2_circle_of_trust
    Circle of trust "saml2_circle_of_trust" is created successfully.

     The -r option names the realm in which the circle of trust is created, and -t names the circle of trust itself. Note that the -w option places the amadmin password on the command line, where it is visible to other users in process listings and is recorded in the shell history; on a shared host, clear that history entry afterwards.